Via Wired.com -
It took a high-speed chase and some gunplay, but two men in Lincoln, Nebraska, are the first to face felony charges for using default passcodes to reprogram retail cash machines to dispense free money.
Jordan Eske and Nicolas Foster, both 21, are in Lancaster County Jail pending an October 1st arraignment. They're each charged with four counts of theft by deception, and one count of computer fraud, for allegedly pulling cash from privately owned ATMs at four stores in the area. The pair allegedly reprogrammed the machines to believe they were loaded with one-dollar bills instead of tens and twenties. A withdrawal of $20 would thus net $380.
Cash machine reprogramming scams first became public in 2006 when a cyber thief strolled into a gas station in Virginia Beach, Virginia, and, with no special equipment, persuaded the Tranax ATM that it had $5.00 bills in its dispensing tray, instead of $20.00 bills. Threat Level later confirmed that default administrative passcodes for ATMs manufactured by industry leaders Tranax and Triton were printed in owner's manuals easily found online. Both companies said they were surprised by the scam, but an industry association of which they are members privately spotted the capers and warned members over a year earlier.
Since then, the scam has also surfaced in Derry, Pennsylvania. But the Nebraska case marks the first reported arrests for the keypad capers.
[...]
The defendants are suspected of stealing $13,600 in the Lincoln area, and pulling an unknown amount from ATMs in New Orleans, where they're from. Asked by police how they did it, "They said it's well-known on the internet," says Flood.
In 2006, both Tranax and Triton issued software patches for new ATMs that force operators to change the default passcodes on first use.
-----------------------------------------------------
I have a copy of the manual that shows the default password and I am sure it is still all over the net, if you know where to look.
Isn't two years enough time to update these machines? Srsly.
No comments:
Post a Comment